Available inDSQL

Syntax

Table 14.3.1.1 SET ROLE Statement Parameters

The SET ROLE statement allows a user to assume a different role; it sets the CURRENT_ROLE context variable to role_name, if that role has been granted to the CURRENT_USER. For this session, the user receives the privileges granted by that role. Any rights granted to the previous role are removed from the session. Use instead of role_name to clear the CURRENT_ROLE.

14.3.1.1 SET ROLE Examples

1. Change the current role to MANAGER

See alsoSection 14.3.2, SET TRUSTED ROLE,

14.3.2 SET TRUSTED ROLE

Used forChanges role of the current session to the trusted role

Available inDSQL

Syntax

A trusted role is not a specific type of role, but can be any role that was created using CREATE ROLE, or a predefined system role such as . An attachment (session) has a trusted role when the finds a match between the authentication result passed from the plugin and a local or global mapping to a role for the current database. The role may be one that is not granted explicitly to that user.

When a session has no trusted role, executing SET TRUSTED ROLE will raise error Your attachment has no trusted role.

Note

While the CURRENT_ROLE can be changed using SET ROLE, it is not always possible to revert to a trusted role using the same command, because SET ROLE checks if the role has been granted to the user. With SET TRUSTED ROLE, the trusted role can be assumed again even when SET ROLE fails.

14.3.2.1 SET TRUSTED ROLE Examples

1. Assuming a mapping rule that assigns the role ROLE1 to a user :

See also, Mapping of Users to Objects